User authorization in distributed systems
- vedadramovic
- Posts:121
- Joined: Mon Apr 07, 2014 10:36 am
User authorization in distributed systems
I have a question about user authorization. Our system is organised in this way. We have distributed system where one system is master and six client systems. All DPs are visible in master system and all alerts too. I have created a „test“ user on master system that belongs to a „root“ group. Loging in with a „test“ user I can see all alerts from client systems but I have problem acknowledging them. Only local alert from master system can be acknowledged. With a user „root“ everythig works well. Than, I created same „test“ users on all client systems but it also didn't give results. I would be thankful if You can give me some instructions what is necessary to change in order to acknowledge alerts from other system with created user.
- leoknipp
- Posts:2928
- Joined: Tue Aug 24, 2010 7:28 pm
Re: User authorization in distributed systems
as the user permissions are also checked when working on a distributed system it is recommended to have the same configuration for the users and user groups in all systems.
When WinCC OA 3.12 or a newer version you can use the dist management functionality to achieve this requirement.
For details please have a look at the online help: Special functions --> Dist-Management.
Afterwards please check if acknowledging alerts works.
Best Regards
Leopold Knipp
Senior Support Specialist
When WinCC OA 3.12 or a newer version you can use the dist management functionality to achieve this requirement.
For details please have a look at the online help: Special functions --> Dist-Management.
Afterwards please check if acknowledging alerts works.
Best Regards
Leopold Knipp
Senior Support Specialist
- vedadramovic
- Posts:121
- Joined: Mon Apr 07, 2014 10:36 am
Re: User authorization in distributed systems
That helped solving my problem.
- chris@blue-catalyst.co.uk
- Posts:32
- Joined: Tue Jun 11, 2013 9:27 am
Re: User authorization in distributed systems
Is there a way to automatically sync the users and permissions?
For example; in a distributed system where all servers are connected to active directory and a new user logs in for the first time it creates the user in the database - but only at the master station. It would be helpful if the user appeared at the master station and the client stations.
For example; in a distributed system where all servers are connected to active directory and a new user logs in for the first time it creates the user in the database - but only at the master station. It would be helpful if the user appeared at the master station and the client stations.
- leoknipp
- Posts:2928
- Joined: Tue Aug 24, 2010 7:28 pm
Re: User authorization in distributed systems
in WinCC OA feature "Dist Management" is implemented.
One function of this feature is to distribute information for the user accounts to other distributed systems.
For details please have a look a the online help:
Special functions --> Dist-Management
Best Regards
Leopold Knipp
Senior Support Specialist
One function of this feature is to distribute information for the user accounts to other distributed systems.
For details please have a look a the online help:
Special functions --> Dist-Management
Best Regards
Leopold Knipp
Senior Support Specialist
- chris@blue-catalyst.co.uk
- Posts:32
- Joined: Tue Jun 11, 2013 9:27 am
Re: User authorization in distributed systems
Thanks for the response, yes I had already been through the instructions in the help to distribute users to client systems.
The issue is that this is a manual process and my query as was asking if there was a way to automatically distribute users so that on a first login, providing the user is in active directory, they will be created on all servers in a distributed system?
The issue is that this is a manual process and my query as was asking if there was a way to automatically distribute users so that on a first login, providing the user is in active directory, they will be created on all servers in a distributed system?
- leoknipp
- Posts:2928
- Joined: Tue Aug 24, 2010 7:28 pm
Re: User authorization in distributed systems
when using an ActiveDirectory (Windows user administration) the user account normally is created automatically when doing the first login.
Normally there is no need to distribute this information to other dist systems.
Also in every system a cyclic process (every 60 minutes) is running which reads information from the ActiveDirectory to update user information.
Best Regards
Leopold Knipp
Senior Support Specialist
Normally there is no need to distribute this information to other dist systems.
Also in every system a cyclic process (every 60 minutes) is running which reads information from the ActiveDirectory to update user information.
Best Regards
Leopold Knipp
Senior Support Specialist